
BrianDrab

Posted 11 September 2015 - 05:44 PM

Trusted Helper

Malware Removal

3,590 posts

Excellent. Do you know what you want to use as your Antivirus going forward? My recommendation is to use Microsoft Security Essentials as it's free, light on resources and can be as good as other paid alternatives. If you still want to use AVG or another product then feel free to download it to your desktop but don't install yet. I need to check for any remnants first. Please do the following.

Note: At the moment your machine has no Antivirus so please try to stay off the internet for anything unnecessary until we re-install one. The infection you had was severe so I had to do it this way.

Step#1 - Fresh Set of Logs

1. Right click on FRST64.exe and select Run as administrator. When the tool opens click Yes to disclaimer.
2. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running.
3. Press Scan button.
4. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop)
5. Please copy and paste log back here.
6. Because you selected the Addition.txt check box this log will be created as well. Please copy and paste this log as well.

BrianDrab

Posted 12 September 2015 - 10:03 AM

Thank you. There were indeed remnants that needed to be cleaned up. Please do the following.

Step#1 - FRST Fix

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

1. Download attached file (fixlist.txt) and save it to the Desktop. Note: It's important that both files, FRST64 and fixlist.txt, are in the same location or the fix will not work (in this case...the desktop).
2. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.

Right-click on the file that is downloaded to your desktop and select Run as administrator. Answer Yes when asked to Allow.

Select the appropriate language and click OK.

Click Next.

Select "I accept the agreement" and click Next.

Click Next

Change the install path if desired. Normally you will keep this as is. Click Next.

Click Next again.

Click Next again.

Click Install.

Uncheck "Enable free trial of Malwarebytes Anti-Malware Premium".

Click Finish

If an update is found you will be prompted to download and install. Go ahead.

Click the Settings button and then the Detection and Protection tab. Then check the box to Scan for rootkits as shown below.

Click the Scan button at the top of the form and then click Start Scan button and let complete.

If malware was detected you can now click the Remove Selected Button. If no malware was detected you can skip the rest of these bullet items and go to the next step which is to retrieve the Malwarebytes log.

Once the malware is removed you may get a prompt asking you to reboot. Note: Please answer Yes.

Step#4 - Retrieve Malwarebytes Log

1. Open up the Malwarebytes program again if it's not already. You can simply double click on the shortcut on your desktop that says "Malwarebytes Anti-Malware".
2. Click the History button as shown in the picture below.
3. Click Application Logs as shown in the picture below.
4. Click on the most recent Scan Log as shown in the picture below.

5. The Scanning History Log screen will open. Click the Export button in the lower left and choose Copy to Clipboard. Paste the info into your next post (Right-click your mouse in the post and select Paste).

BrianDrab

Posted 14 September 2015 - 11:25 AM

Looks good. Let's uninstall Combofix and plug a few vulnerabilities.

Step#1 - Uninstall Combofix

1. Please ensure that Combofix.exe is still on your desktop before proceeding.
2. Click your Start button and in the search box type Combofix /Uninstall and hit enter on your keyboard. (Note there is a space after Combofix and before /Uninstall).
3. Allow Combofix to run as it will perform the uninstall procedures.

Step#2 - Uninstalls
Please uninstall the following programs one at a time. Instructions for doing so are here.
If any of the programs give you an error during the uninstall, notate it and move on to the next one. Just let me know which ones had issues. If you are asked to reboot, answer No until all the programs have been uninstalled and then you can reboot. All of these programs are outdated and vulnerable.

Adobe Flash Player 16 ActiveX <<-----I wouldn't re-install this one until you find a need for it

Adobe Reader 9.5.2 <<-----after uninstalling you may install the most current version from here.

cmd <<----this is an unknown program and should be uninstalled unless you are sure what it is

Step#3 - Windows Updates

Please make sure you go to Windows Updates and download and install all critical/important updates. Keep doing this until there are no more left.